package com.easy.security.config;

import com.easy.security.filter.PermissionFilter;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

@Configuration
@EnableMethodSecurity(prePostEnabled = true)
public class SecurityConfig {
    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception{

        http.authorizeHttpRequests(auth ->auth.anyRequest().authenticated()).addFilterBefore(new PermissionFilter(), UsernamePasswordAuthenticationFilter.class).formLogin().disable().logout().disable().csrf().disable();
        http.exceptionHandling(handling ->handling.accessDeniedHandler((request, response,ex) -> {
            response.setStatus(403);
            response.setCharacterEncoding("UTF-8");
            response.getWriter().write("{\"code\":403, \"msg\":\"权限不足\"}");
        }));
        return http.build();
    }
}
